ietf
[Top] [All Lists]

Re: LC comments on draft-laurie-pki-sunlight-05 - "acceptable root certificates" ?

2013-01-22 15:45:29
<snip>

>>> 3.1. Log Entries
>>>
>>>    Anyone can submit a certificate to any log.  In order to enable
>>>    attribution of each logged certificate to its issuer, the log SHALL
>>>    publish a list of acceptable root certificates (this list might
>>>    usefully be the union of root certificates trusted by major browser
>>>    vendors).  Each submitted certificate MUST be accompanied by all
>>>    additional certificates required to verify the certificate chain up
>>>    to an accepted root certificate.  The root certificate itself MAY be
>>>    omitted from this list.

a question I neglected to add here is: how do log services publish their lists of "acceptable root certificates" ?


=JeffH